<?php
header('Content-Type: text/html; charset=utf-8');
require_once dirname(__FILE__) . '/../../../incls/php/dbutils.class.php';
require_once dirname(__FILE__) . '/../../../incls/php/miscutils.class.php';
require_once dirname(__FILE__) . '/../../../incls/php/config.php';
require_once dirname(__FILE__) . '/../../../libs/phpMailer/class.phpmailer.php';
session_name(SESSION);
session_start();
$myPdo = DbUtils::createPdoInst();
$action = MiscUtils::getParam('action', '');
try {
  $myPdo->beginTransaction();
  switch ($action) {
    case 'register':
      register($myPdo);
      break;
    case 'login':
      login($myPdo);
      break;
    case 'send':
      send($myPdo);
      break;
    default:
      break;
  }
  $myPdo->commit();
} catch (PDOException $e) {
  echo $e->getMessage();
}

function register($myPdo) {
  unset($_SESSION['reg_user']);
  unset($_SESSION['reg_pass']);
  unset($_SESSION['reg_pass_re']);
  unset($_SESSION['reg_name']);
  $url = MiscUtils::getParam('url', '');
  $from = MiscUtils::getParam('from', '');
  $reg_user = MiscUtils::getParam('reg_user', '');
  $reg_pass = MiscUtils::getParam('reg_pass', '');
  $reg_pass_re = MiscUtils::getParam('reg_pass_re', '');
  $reg_name = MiscUtils::getParam('reg_name', '');
  $reg_phone = MiscUtils::getParam('reg_phone', '');
  $_SESSION['reg_user_v'] = $reg_user;
  $_SESSION['reg_name_v'] = $reg_name;
  $_SESSION['reg_phone_v'] = $reg_phone;
  $is_err = 0;
  if (!filter_var($reg_user, FILTER_VALIDATE_EMAIL)) {
    $_SESSION['reg_user'] = '无效邮箱地址';
    $is_err = 1;
  } else {
    $cond_vals = new stdClass();
    $cond_vals->c = 't.account = :v1';
    $cond_vals->v = array(':v1' => $reg_user);
    $tmp = DbUtils::get($myPdo, TABLE_NAME_PREFIX_PLUGIN . 'client', $cond_vals, NULL, NULL, NULL, NULL, NULL)->d;
    if (count($tmp) > 0) {
      $_SESSION['reg_user'] = '邮箱已被用';
      $is_err = 1;
    }
  }
  if (strlen($reg_pass) < 6 || strlen($reg_pass) > 16) {
    $_SESSION['reg_pass'] = '密码必须在6-16位之间';
    $is_err = 1;
  }
  if ($reg_pass != $reg_pass_re) {
    $_SESSION['reg_pass_re'] = '密码输入不一样';
    $is_err = 1;
  }
  if ($reg_name == '') {
    $_SESSION['reg_name'] = '昵称不能为空';
    $is_err = 1;
  } else {
    $cond_vals = new stdClass();
    $cond_vals->c = 't.name = :v1';
    $cond_vals->v = array(':v1' => $reg_name);
    $tmp = DbUtils::get($myPdo, TABLE_NAME_PREFIX_PLUGIN . 'client', $cond_vals, NULL, NULL, NULL, NULL, NULL)->d;
    if (count($tmp) > 0) {
      $_SESSION['reg_name'] = '昵称已被用';
      $is_err = 1;
    }
  }
  if ($is_err == 1) {
    echo "
    <script>
    parent.location.href = '$from';
    </script>
    ";
    return;
  }
  
  $obj = new stdClass();
  $obj->track_id = MiscUtils::unique();
  $obj->account = $reg_user;
  $obj->password = md5($reg_pass);
  $obj->name = $reg_name;
  $obj->phone = $reg_phone;
  $obj->reg_date = date('Y-m-d', time());
  $obj->last_login = '0000-00-00';
  $obj->is_actived = 0;
  $obj->ip = _getIP();
  $obj->ip_place = '';
  DbUtils::add($myPdo, TABLE_NAME_PREFIX_PLUGIN . 'client', $obj);
  $obj->id = $myPdo->lastInsertId();
  try {
    $mailer = new PHPMailer();
    $mailer->IsSMTP();
    $mailer->Host = SMTP_HOST;
    $mailer->CharSet = "UTF-8";
    
    $content = '';
    
    $mailer->SMTPAuth = true;
    $mailer->Username = SMTP_USER_ATDN;
    $mailer->Password = SMTP_PASS_ATDN;
    $mailer->From = SMTP_USER_ATDN;
    $mailer->FromName = '宝贝大赢家官网';
    
    $mailer->Body = '<html><body>激活您的账号<a href="http://' . URL . '?i=25&script=active&t=' . $obj->track_id . '">请点击</a></body></html>';
    $mailer->Subject = '宝贝大赢家账号激活邮件';
  
    $mailer->isHTML(true);
    $mailer->AddAddress($obj->account, '');
    $mailer->Send();
    echo "
    <script>
    parent.location.href = '$url$reg_user';
    </script>
    ";
  } catch (phpmailerException $e) {
    echo $e->errorMessage(); //Pretty error messages from PHPMailer
  } catch (Exception $e) {
    echo $e->getMessage(); //Boring error messages from anything else!
  }
}

function login($myPdo) {
  unset($_SESSION['login_pass']);
  $url = MiscUtils::getParam('url', '');
  $from = MiscUtils::getParam('from', '');
  $login_user = MiscUtils::getParam('login_user', '');
  $login_pass = MiscUtils::getParam('login_pass', '');
  $_SESSION['login_user_v'] = $login_user;
  $cond_vals = new stdClass();
  $cond_vals->c = 't.account = :v1 AND t.password = :v2';
  $cond_vals->v = array(':v1' => $login_user, ':v2' => md5($login_pass));
  $tmps = DbUtils::get($myPdo, TABLE_NAME_PREFIX_PLUGIN . 'client', $cond_vals, NULL, NULL, NULL, NULL, NULL)->d;
  if (count($tmps) == 1) {
    $user = $tmps[0];
    if ($user->is_actived == 1) {
      $_SESSION['index' . USER] = $user;
      echo "
      <script>
      parent.location.href = '$url';
      </script>
      ";
    } else {
      $_SESSION['login_pass'] = '该用户未激活';
      echo "
      <script>
      parent.location.href = '$from';
      </script>
      ";
    }
  } else {
    $_SESSION['login_pass'] = '用户名密码错误';
    echo "
    <script>
    parent.location.href = '$from';
    </script>
    ";
  }
}

function send($myPdo) {
  unset($_SESSION['send_account']);
  $url = MiscUtils::getParam('url', '');
  $from = MiscUtils::getParam('from', '');
  $send_account = MiscUtils::getParam('send_account', '');
  $_SESSION['send_account_v'] = $send_account;
  $cond_vals = new stdClass();
  $cond_vals->c = 't.account = :v1';
  $cond_vals->v = array(':v1' => $send_account);
  $tmps = DbUtils::get($myPdo, TABLE_NAME_PREFIX_PLUGIN . 'client', $cond_vals, NULL, NULL, NULL, NULL, NULL)->d;
  if (count($tmps) == 0) {
    $_SESSION['send_account'] = '该用户不存在';
    echo "
    <script>
    parent.location.href = '$from';
    </script>
    ";
    return;
  }
  
  try {
    $mailer = new PHPMailer();
    $mailer->IsSMTP();
    $mailer->Host = SMTP_HOST;
    $mailer->CharSet = "UTF-8";
    
    $content = '';
    
    $mailer->SMTPAuth = true;
    $mailer->Username = SMTP_USER_ATDN;
    $mailer->Password = SMTP_PASS_ATDN;
    $mailer->From = SMTP_USER_ATDN;
    $mailer->FromName = '宝贝大赢家官网';
    
    $key = new stdClass();
    $key->t = $tmps[0]->track_id;
    $key->s = time();
    
    $mailer->Body = '<html><body>重置您的密码<a href="http://' . URL . '?i=25&script=send&key=' . urlencode(MiscUtils::convert(json_encode($key), basename(dirname(__FILE__)))) . '">请点击</a></body></html>';
    $mailer->Subject = '宝贝大赢家重置密码邮件';
  
    $mailer->isHTML(true);
    $mailer->AddAddress($send_account, '');
    $mailer->Send();
    if (isset($_SESSION['login_user_v'])) {
      unset($_SESSION['login_user_v']);
    }
    if (isset($_SESSION['login_pass'])) {
      unset($_SESSION['login_pass']);
    }
    echo "
    <script>
    parent.location.href = '$url';
    </script>
    ";
  } catch (phpmailerException $e) {
    echo $e->errorMessage(); //Pretty error messages from PHPMailer
  } catch (Exception $e) {
    echo $e->getMessage(); //Boring error messages from anything else!
  }
}

function _getIP(){ 
  if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown")) {
    $ip = getenv("HTTP_CLIENT_IP"); 
  } else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown")) {
    $ip = getenv("HTTP_X_FORWARDED_FOR"); 
  } else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown")) {
    $ip = getenv("REMOTE_ADDR"); 
  } else if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], "unknown")) {
    $ip = $_SERVER['REMOTE_ADDR']; 
  } else {
    $ip = "unknown"; 
  }
  return($ip);
}
?>
